listen_addresses (string)

Specifies the TCP/IP address(es) on which the server
is to listen for connections from client applications.
The value takes the form of a comma-separated list of
host names and/or numeric IP addresses. The special entry
* corresponds to all available
IP interfaces. If the list is empty, the server does not
listen on any IP interface at all, in which case only
Unix-domain sockets can be used to connect to it. The
default value is localhost, which allows only local
TCP/IP "loopback" connections
to be made. While client authentication (Chapter 19) allows
fine-grained control over who can access the server,
listen_addresses controls which
interfaces accept connection attempts, which can help
prevent repeated malicious connection requests on
insecure network interfaces. This parameter can only be
set at server start.

port (integer)

The TCP port the server listens on; 5432 by default.
Note that the same port number is used for all IP
addresses the server listens on. This parameter can only
be set at server start.

max_connections (integer)

Determines the maximum number of concurrent
connections to the database server. The default is
typically 100 connections, but might be less if your
kernel settings will not support it (as determined during
initdb). This parameter
can only be set at server start.

Increasing this parameter might cause PostgreSQL to request more
System V shared memory or
semaphores than your operating system's default
configuration allows. See Section 17.4.1 for
information on how to adjust those parameters, if
necessary.

When running a standby server, you must set this
parameter to the same or higher value than on the master
server. Otherwise, queries will not be allowed in the
standby server.

superuser_reserved_connections (integer)

Determines the number of connection "slots" that are reserved for connections
by PostgreSQL
superusers. At most max_connections
connections can ever be active simultaneously. Whenever
the number of active concurrent connections is at least
max_connections minus superuser_reserved_connections, new
connections will be accepted only for superusers, and no
new replication connections will be accepted.

The default value is three connections. The value must
be less than the value of max_connections. This parameter can only
be set at server start.

unix_socket_directory (string)

Specifies the directory of the Unix-domain socket on
which the server is to listen for connections from client
applications. The default is normally /tmp, but can be changed at build time.
This parameter can only be set at server start.

In addition to the socket file itself, which is named
.s.PGSQL.nnnn where nnnn is the server's port number,
an ordinary file named .s.PGSQL.nnnn.lock will be created in
the unix_socket_directory
directory. Neither file should ever be removed
manually.

This parameter is irrelevant on Windows, which does
not have Unix-domain sockets.

unix_socket_group (string)

Sets the owning group of the Unix-domain socket. (The
owning user of the socket is always the user that starts
the server.) In combination with the parameter unix_socket_permissions this can be used
as an additional access control mechanism for Unix-domain
connections. By default this is the empty string, which
uses the default group of the server user. This parameter
can only be set at server start.

This parameter is irrelevant on Windows, which does
not have Unix-domain sockets.

unix_socket_permissions (integer)

Sets the access permissions of the Unix-domain socket.
Unix-domain sockets use the usual Unix file system
permission set. The parameter value is expected to be a
numeric mode specified in the format accepted by the
chmod and umask system calls. (To use the
customary octal format the number must start with a
0 (zero).)

The default permissions are 0777, meaning anyone can connect.
Reasonable alternatives are 0770
(only user and group, see also unix_socket_group) and 0700 (only user). (Note that for a
Unix-domain socket, only write permission matters, so
there is no point in setting or revoking read or execute
permissions.)

This access control mechanism is independent of the
one described in Chapter 19.

This parameter can only be set at server start.

This parameter is irrelevant on systems, notably
Solaris as of Solaris 10, that ignore socket permissions
entirely. There, one can achieve a similar effect by
pointing unix_socket_directory
to a directory having search permission limited to the
desired audience. This parameter is also irrelevant on
Windows, which does not have Unix-domain sockets.
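
The following added example (not part of the PostgreSQL documentation) shows how a unix_socket_permissions value is read under the octal rule above and which classes of local users end up able to connect. The function names and the sample values are constructed for illustration.

```python
import os
import stat

def parse_socket_mode(value):
    """Read the setting the way the page describes: a leading 0 means
    octal, any other number is taken as decimal."""
    v = value.strip()
    return int(v, 8) if v.startswith("0") else int(v, 10)

def who_can_connect(mode):
    """Only the write bits decide who may connect to the socket."""
    classes = (("user", stat.S_IWUSR), ("group", stat.S_IWGRP),
               ("other", stat.S_IWOTH))
    return [name for name, bit in classes if mode & bit]

def audit_setting(value):
    """Classify a unix_socket_permissions value for a config review."""
    allowed = who_can_connect(parse_socket_mode(value))
    if not allowed:
        return "unusable: no write bit set"
    if "other" in allowed:
        return "open: any local user can connect"
    return "restricted to " + " and ".join(allowed)

def audit_socket_file(directory, port):
    """Check the live socket .s.PGSQL.<port> in unix_socket_directory."""
    path = os.path.join(directory, ".s.PGSQL.%d" % port)
    st = os.stat(path)
    if not stat.S_ISSOCK(st.st_mode):
        raise ValueError(path + " is not a socket")
    return who_can_connect(stat.S_IMODE(st.st_mode))

if __name__ == "__main__":
    # Constructed sample values; "777" lacks the leading zero.
    for sample in ("0777", "0770", "0700", "777"):
        print(sample, "->", audit_setting(sample))
```

Written without the leading zero, 777 is decimal (octal 1411), which sets no write bit at all, so a review should compare the configured value with the mode of the socket file itself.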

bonjour (boolean)

Enables advertising the server's existence via
Bonjour. The default is
off. This parameter can only be set at server start.

bonjour_name (string)

Specifies the Bonjour
service name. The computer name is used if this parameter
is set to the empty string ''
(which is the default). This parameter is ignored if the
server was not compiled with Bonjour support. This parameter can
only be set at server start.

tcp_keepalives_idle (integer)

Specifies the number of seconds before sending a
keepalive packet on an otherwise idle connection. A value
of 0 uses the system default. This parameter is supported
only on systems that support the TCP_KEEPIDLE or TCP_KEEPALIVE symbols, and on Windows; on
other systems, it must be zero. In sessions connected via
a Unix-domain socket, this parameter is ignored and
always reads as zero.

Note: On Windows, a value of 0 will set
this parameter to 2 hours, since Windows does not
provide a way to read the system default value.

tcp_keepalives_interval (integer)

Specifies the number of seconds between sending
keepalives on an otherwise idle connection. A value of 0
uses the system default. This parameter is supported only
on systems that support the TCP_KEEPINTVL symbol, and on Windows; on
other systems, it must be zero. In sessions connected via
a Unix-domain socket, this parameter is ignored and
always reads as zero.

Note: On Windows, a value of 0 will set
this parameter to 1 second, since Windows does not
provide a way to read the system default value.

tcp_keepalives_count (integer)

Specifies the number of keepalive packets to send on
an otherwise idle connection. A value of 0 uses the
system default. This parameter is supported only on
systems that support the TCP_KEEPCNT symbol; on other systems, it
must be zero. In sessions connected via a Unix-domain
socket, this parameter is ignored and always reads as
zero.

authentication_timeout (integer)

Maximum time to complete client authentication, in
seconds. If a would-be client has not completed the
authentication protocol in this much time, the server
closes the connection. This prevents hung clients from
occupying a connection indefinitely. The default is one
minute (1m). This parameter can
only be set in the postgresql.conf file or on the server
command line.

ssl (boolean)

Enables SSL
connections. Please read Section
17.8 before using this. The default is off. This parameter can only be set at
server start. SSL
communication is only possible with TCP/IP
connections.

ssl_renegotiation_limit (integer)

Specifies how much data can flow over an
SSL-encrypted
connection before renegotiation of the session keys will
take place. Renegotiation decreases an attacker's chances
of doing cryptanalysis when large amounts of traffic can
be examined, but it also carries a large performance
penalty. The sum of sent and received traffic is used to
check the limit. If this parameter is set to 0,
renegotiation is disabled. The default is 0.

Note: SSL libraries from before November
2009 are insecure when using SSL renegotiation, due
to a vulnerability in the SSL protocol. As a stop-gap
fix for this vulnerability, some vendors shipped SSL
libraries incapable of doing renegotiation. If any
such libraries are in use on the client or server,
SSL renegotiation should be disabled.

Warning

Due to bugs in OpenSSL, enabling SSL
renegotiation by configuring a non-zero
ssl_renegotiation_limit
is likely to lead to problems such as long-lived
connections breaking.

ssl_ciphers (string)

Specifies a list of SSL ciphers that are allowed to be
used on secure connections. See the openssl manual page for a list of
supported ciphers. This parameter is unavailable unless
the server is compiled with support for SSL.

password_encryption (boolean)

When a password is specified in CREATE USER or ALTER USER without writing
either ENCRYPTED or UNENCRYPTED, this parameter determines
whether the password is to be encrypted. The default is
on (encrypt the password).

krb_server_keyfile (string)

Sets the location of the Kerberos server key file. See
Section 19.3.5 or Section 19.3.3 for details. This parameter
can only be set in the postgresql.conf file or on the server
command line.

krb_srvname (string)

Sets the Kerberos service name. See Section 19.3.5 for
details. This parameter can only be set in the postgresql.conf file or on the server
command line.

krb_caseins_users (boolean)

Sets whether Kerberos and GSSAPI user names should be
treated case-insensitively. The default is off (case sensitive). This parameter can
only be set in the postgresql.conf file or on the server
command line.

db_user_namespace (boolean)

This parameter enables per-database user names. It is
off by default. This parameter can only be set in the
postgresql.conf file or on the
server command line.

If this is on, you should create users as username@dbname. When username is passed by a connecting client,
@ and the database name are
appended to the user name and that database-specific user
name is looked up by the server. Note that when you
create users with names containing @ within the SQL environment, you will
need to quote the user name.

With this parameter enabled, you can still create
ordinary global users. Simply append @ when specifying the user name in the
client, e.g. joe@. The
@ will be stripped off before
the user name is looked up by the server.

db_user_namespace causes the
client's and server's user name representation to differ.
Authentication checks are always done with the server's
user name so authentication methods must be configured
for the server's user name, not the client's. Because
md5 uses the user name as salt
on both the client and server, md5 cannot be used with db_user_namespace.

Note: This feature is intended as a
temporary measure until a complete solution is found.
At that time, this option will be removed.
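
The following added example (not part of the PostgreSQL documentation) works through the name mapping described above and shows why an md5 login stops matching once db_user_namespace is on. The hash layout (md5 of password followed by user name, then md5 of that hex digest followed by a 4-byte salt) is PostgreSQL's md5 password scheme as understood here; the function names, password and salt are constructed for illustration.

```python
import hashlib

def server_user_name(client_name, dbname):
    """Name the server looks up when db_user_namespace is on."""
    if client_name.endswith("@"):
        return client_name[:-1]              # global user: trailing @ stripped
    return client_name + "@" + dbname        # per-database user

def md5_hex(data):
    return hashlib.md5(data).hexdigest()

def stored_hash(password, user):
    """Value kept by the server: the user name is part of the hash input."""
    return "md5" + md5_hex((password + user).encode())

def challenge_response(password, user, salt):
    """What the client sends, hashing with the name the user typed."""
    inner = md5_hex((password + user).encode())
    return "md5" + md5_hex(inner.encode() + salt)

def md5_login_succeeds(client_name, dbname, password, salt, namespace_on):
    """Compare the client's response with what the server expects."""
    looked_up = (server_user_name(client_name, dbname)
                 if namespace_on else client_name)
    stored = stored_hash(password, looked_up)
    expected = "md5" + md5_hex(stored[3:].encode() + salt)
    return challenge_response(password, client_name, salt) == expected

if __name__ == "__main__":
    salt = b"\x01\x02\x03\x04"               # constructed per-connection salt
    for name in ("joe", "joe@"):
        for flag in (False, True):
            ok = md5_login_succeeds(name, "sales", "s3cret", salt, flag)
            print(name, "db_user_namespace =", flag, "->", ok)
```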
